package cn.lhl01.config;

import cn.lhl01.sys.constant.PubUriConstant;
import cn.lhl01.sys.handler.JwtHandler;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.config.http.SessionCreationPolicy;
import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;

//@Configuration
public class WebSecurityConfigOld extends WebSecurityConfigurerAdapter {

	@Autowired
	private JwtHandler jwtHandler;
//	@Autowired
//	private ReqPerHandler reqPerHandler;

	@Override
	protected void configure(HttpSecurity http) throws Exception {
		/* 开启跨域共享,跨域伪造请求限制=无效 */
		http.cors().and().csrf().disable();
		/* rest 无状态 无session */
		http.sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS);

		//表单登录无效
		http.formLogin().disable();

		/* 开启授权认证 */
		http.authorizeRequests()
				.antMatchers(PubUriConstant.PERMITALL.LOGINURL).permitAll()
				//唯一的加密入参接口
				.antMatchers(PubUriConstant.PERMITALL.APIURL).permitAll()
				.anyRequest().authenticated();

		// 用户权限不足处理器 如果使用全局异常处理  这个可不要
		//http.exceptionHandling().accessDeniedHandler(new AuthLimitHandler());

		/* 配置token验证过滤器 */
		http.addFilterBefore(jwtHandler, UsernamePasswordAuthenticationFilter.class);

		//配置参数加解密转发过滤器
		//http.addFilterBefore(reqPerHandler, UsernamePasswordAuthenticationFilter.class);
	}
}